Below is a collection of the publications and materials developed to support state and local officials in their efforts to safeguard election systems. Beyond these resources, CISA offers voluntary and free assistance to state and local election officials and authorities to support their infrastructure’s security.
Checklists and Guides
DHS Campaign Checklist
A one-page cybersecurity checklist to support political campaigns in protecting against malicious actors.
Election Security Resources Guide
A compilation of CISA contacts and resources available to support state and local election officials.
An overview of Hyper Text Transfer Protocol Secure (HTTPS), which is used to encrypt and securely transmit information between a user's web browser and the website they are connected to. Encryption is especially important on webpages that collect information through forms or require a user to login, such as online voter registration.
Incident Handling Overview for Election Officials
A summary of CISA’s cyber incident response team services for election officials as well as one page guidance on incident response planning considerations, a checklist for requesting assistance, the incident response process and common mistakes to avoid.
Ransomware Executive One Pager and Technical Document
An interagency guide that provides an aggregate of Federal government and private industry best practices and mitigation strategies focused on the prevention and response to ransomware incidents.
Securing Voter Registration Data
An overview of threats to voter registration websites and databases along with recommendations on how election officials and network administrators can protect and prevent the threats.
Leveraging the .gov
The .gov domain is a top-level domain (TLD) that was established to make it easy to identify US-based government organizations on the internet. All three branches of the US Government, and all 50 states, and many local governments use .gov for their domains.
Domain-Based Message Authentication, Reporting and Conformance (DMARC) is an email authentication policy that protects against bad actors using fake email addresses disguised to look like legitimate emails from trusted sources. DMARC makes it easier for email senders and receivers to determine whether or not an email legitimately originated from the identified sender. Further, DMARC provides the user with instructions for handling the email if it is fraudulent.
Multi-factor authentication (MFA) is a layered approach to securing data and applications where a system requires a user to present a combination of two or more credentials to verify a user's identify for login. MFA increases security because even if one credential becomes compromised, unauthorized users will be unable to meet the second authentication requirement and will not be able to access the targeted physical space, computing device, network, or database.
Ransomware Guidance for Election Officials
This document includes best practices to protect your systems and data against ransomware, planning for a ransomware incident, recovering from a ransomware attack, and CISA services and support.
U.S. Electoral Process Infographic
An infographic that outlines pre-election, election day, and post-election activities that rely on election infrastructure.
Ensuring and Securing Your Vote - National Audience
An infographic outlining best practices for voters, co-logoed by the U.S. Election Assistance Commission, the National Association of Secretaries of State, the National Association of State Election Directors, and the Department of Homeland Security.
Ensuring and Securing Your Vote - State & Local Audience
An infographic outlining best practices for voters that can be customized with a state or local website for additional information, co-logoed by the U.S. Election Assistance Commission, the National Association of Secretaries of State and the National Association of State Election Directors.
Foreign Interference Taxonomy
An infographic that explains malign actions taken by foreign governments or foreign actors for the purpose of undermining the interests of the U.S. and its allies.
Before You Vote - National
A joint flyer produced by the U.S. Election Assistance Commission, the National Association of Secretaries of State, the National Association of State Election Directors, and the Department of Homeland Security to educate voters on actions they should take before Election Day.
Before You Vote - State and Local
A joint flyer produced by the U.S. Election Assistance Commission, the National Association of Secretaries of State, and the National Association of State Election Directors that can be customized with a state or local election information website to educate voters on actions they should take before Election Day.
Vote with Confidence
A joint flyer produced by the U.S. Election Assistance Commission, the National Association of Secretaries of State, the National Association of State Election Directors, and the Department of Homeland Security to help voters cast their ballots with confidence.
State & Local Official Results
A joint flyer produced by the U.S. Election Assistance Commission, the National Association of Secretaries of State, the National Association of State Election Directors, and the Department of Homeland Security to remind voters that only state and local election officials provide official results.
Election Infrastructure Security Funding Considerations
A report produced by the Election Infrastructure Subsector Government Coordinating Council to provide direction to the election community regarding possible consideration, both short and long term, for the use of 2018 Congressionally appropriated election funding, as well as to provide support for procurement decisions regarding use of the funding.
Best Practices for Continuity of Operations
A paper providing organizations recommended guidance and considerations as part of their network architecture, security baseline, continuous monitoring, and Incident Response practices in order to actively prepare for and respond to a disruptive event such as destructive malware.
|Election Security Resources Guide||1.35 MB|
|U.S. Electoral Process Infographic||386.1 KB|
|The Ransomware Executive One-Pager and Technical Document||782.4 KB|
|Election Infrastructure Security Funding Considerations||435.61 KB|
|Securing Voter Registration Data||480.31 KB|
|Best Practices for Continuity of Operations||548.06 KB|
|Incident Handling Overview for Election Officials||1.64 MB|
|Ensuring and Securing Your Vote - National Audience||527.2 KB|
|Ensuring and Securing Your Vote - State & Local Audience||413.26 KB|
|DHS Campaign Checklist||629.2 KB|
|Foreign Interference Taxonomy||797.37 KB|
|Before You Vote- National||1.01 MB|
|Before You Vote- State and Local||1003.18 KB|
|Vote with Confidence||322.37 KB|
|State & Local Official Results||672.42 KB|
|Leveraging the .gov||205.15 KB|
|Multi-Factor Authentication||180.53 KB|
|Ransomware Guidance for Election Officials||290.02 KB|